package com.gzy.demo1.controller;

import com.gzy.demo1.dto.R;
import com.gzy.demo1.model.Account;
import com.gzy.demo1.resp.AccountRepository;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;

import javax.validation.Valid;
import javax.validation.constraints.NotBlank;
import java.util.Objects;

@CrossOrigin(origins = "http://localhost:9528", maxAge = 3600)
@RestController
public class AuthController {

    @Autowired
    AccountRepository accountRepository;

    @PostMapping("/login")
    R<String> login(@Valid @RequestBody LoginPara loginPara){

//        if (StringUtils.isEmpty(loginPara.username)){
//            return "请输入用户名";
//        }

        Account account = accountRepository.findAccountByUsername(loginPara.username);

        if (account == null){
            return new R<String>(null,R.Code.error,"用户不存在");
//            return ;
        }

        if (!Objects.equals(account.getPassword(),loginPara.password)) {
            return new R<String>(null,R.Code.error,"密码不正确");
        }

        String jwt = Jwts.builder()
//                .setExpiration(new Date(System.currentTimeMillis() + time))
                .setSubject(account.getUsername())
                .signWith(SignatureAlgorithm.HS256, "123456789")
                .compact();


        return new R<String>(jwt,R.Code.OK);
       //  jwt;//"登录成功";
    }

    @GetMapping("/userinfo")
    R<Account> getUserInfo(@AuthenticationPrincipal UserDetails user){
//        Optional<Account> byId = accountRepository.findById(0L);
//        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
//        String name = authentication.getName();
        String username = user.getUsername();
        Account account = accountRepository.findAccountByUsername(username);
//        return byId.get();
        return new R<Account>(account,R.Code.OK);

    }

    @Secured("ROLE_admin")
    @GetMapping("/admin_userinfo")
    Account admin_userinfo(){
//        Optional<Account> byId = accountRepository.findById(0L);
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        String name = authentication.getName();
        Account account = accountRepository.findAccountByUsername(name);
//        return byId.get();
        return account;
    }
    @Secured("ROLE_USER")
//    @PreAuthorize("hasRole(\"USER\")")
    @GetMapping("/user_userinfo")
    Account user_userinfo(){
//        Optional<Account> byId = accountRepository.findById(0L);
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        String name = authentication.getName();
        Account account = accountRepository.findAccountByUsername(name);
//        return byId.get();
        return account;
    }
}

class LoginPara{

    @NotBlank
    String username;
    @NotBlank
    String password;

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}
